CVE-2022-40347 Information

Description

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in ‘phone’ ’email’ ‘deptType’ and ’name’ parameters allows attackers to execute arbitrary code and gain sensitive information.

Reference

https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated https://download-media.code-projects.org/2020/03/Intern_Record_System_In_PHP_With_Source_Code.zip https://code-projects.org/intern-record-system-in-php-with-source-code/